Cyber.spirit wrote:
Yeah MaXe, all port scanners have the same features, but scheduled scans is great, and something that IDK is whether we can scan multiple hosts through the command line?? If we can, and if it's possible, I think it can be a good feature for your port scanner.
I think you should learn more about NMAP, as it has been possible to scan multiple hosts in that tool since the beginning, I assume, as I have been able to do it for the last 10 years. :-*
Scheduling scans is possible with Nessus, Qualys, Burp (pro version only, afaik), Acunetix, and a variety of other tools. I can schedule almost anything natively in each program, except for NMAP in the command line, as far as I am concerned.
Cyber.spirit wrote:
scan multiple hosts through the command line??
This could slow down the process of scanning, as the network interface buffer could get overloaded if the user scans loads of multiple hosts. It can also introduce multi-threading risks. Thanks for trying though ;)
No, it won't overload the network interface if you do it with e.g. NMAP. If you use hping and send a SYN flood with no timeout, you will most likely overload it, because you will be sending a million packets in a few seconds, while NMAP, even with -T5 (timing: aggressive), will probably never do that, for good reasons. Same thing with scanrand.
There is no slowing down of the scanning process, only waiting for the final results. (i.e. it would take longer.)
Plus, what else should you be doing on your own computer, or your dedicated computer having a network purpose, while you scan for open services? Nothing. If you don't know what is available to you, the ethical hacker / penetration tester, there is nothing to attack server-side, so naturally, as any other hacker does, you do the scans, even if it's just a simple port scan, and then you dive in further. (See penetration testing frameworks such as NIST SP800-42, PTES, etc. There's a reason why port scanning is one of the first (not the very first) processes of penetration testing, before you even think about anything else.)
nmap -sS -T5 192.168.1.0/24
Or whatever your local IP address range is. /24 is CIDR notation, which I won't explain in detail, but in this case it means "192.168.1.0-192.168.1.255". So, you would be scanning multiple hosts with NMAP, and I don't see any problems with that ;D
Exactly how do you think penetration testers, etc., work when they have to attack a network of 300, 1000, or 10000 hosts? Do you think they specify each single scan manually, or do you think they specify ranges or hosts? ::)
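The /24 shorthand in the thread above is a bit mask; the following is an added example (not code from either poster) that expands any IPv4 CIDR block into its first and last address and host count with plain integer arithmetic, so it also covers prefixes other than /24 and blocks whose written address is not on the block boundary. The function names cidr_to_range and int_to_dotted are ones I chose for this example.

```python
import ipaddress  # used only to cross-check the hand-rolled arithmetic


def int_to_dotted(n: int) -> str:
    """Render a 32-bit integer as dotted-quad notation."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def cidr_to_range(cidr: str):
    """Expand 'a.b.c.d/n' into (first_address, last_address, address_count).

    The prefix length n is the number of leading 1-bits in the netmask;
    /24 therefore means 'the last 8 bits vary', i.e. 256 addresses.
    """
    addr_text, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    octets = [int(o) for o in addr_text.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"malformed IPv4 address: {addr_text}")
    addr = 0
    for o in octets:
        addr = (addr << 8) | o
    # Netmask: `prefix` leading ones, remaining bits zero, clipped to 32 bits.
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    first = addr & mask                 # clear the host bits
    last = first | (~mask & 0xFFFFFFFF)  # set every host bit
    return int_to_dotted(first), int_to_dotted(last), last - first + 1


def matches_stdlib(cidr: str) -> bool:
    """Cross-check against ipaddress (strict=False tolerates host bits set)."""
    net = ipaddress.ip_network(cidr, strict=False)
    first, last, count = cidr_to_range(cidr)
    return (first, last, count) == (str(net[0]), str(net[-1]), net.num_addresses)


if __name__ == "__main__":
    # Constructed sample blocks, including the /24 from the thread.
    for block in ("192.168.1.0/24", "192.168.1.77/30", "10.0.0.0/8"):
        print(block, "->", cidr_to_range(block), "stdlib agrees:", matches_stdlib(block))
```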